Paul's Security Weekly (Audio): Hackers On A Train - PSW #883
Jul 17, 2025
The hosts dive into the intriguing vulnerabilities of train RF control protocols, highlighting the risks of spoofing. They discuss the Flipper Zero's dual nature as a learning tool and potential interrogation device. The conversation touches on AI's evolving role in bug hunting, raising questions about human versus machine effectiveness. Additionally, they explore legacy devices still clinging to FTP, the complexities of securing Gigabyte motherboards, and the looming merger of Android and Chrome OS, weighing security benefits against risks.
AI Snips
Rail RF Protocols Are Fundamentally Fragile
- Legacy RF train control protocols lack integrity protection and rely on security through obscurity, which leaves them increasingly exposed as SDRs get cheaper.
- Moving to an updated protocol (e.g., IEEE 802.16t) is the hard fix: it requires long hardware rollouts, not simple patches.
Broken Trust Is Harder To Fix Than Bugs
- Many industrial systems were designed to run unmodified for decades and omitted authentication and integrity checks.
- Fixing them often demands re-architecting trust (keys, signing) and protecting those keys, not just patching code.
Prioritize Authenticated Protocol Upgrades
- Accelerate standards updates and plan for staged hardware replacements when feasible.
- Prioritize protocols with mutual authentication and integrity for new rolling stock and control devices.
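
To illustrate the authentication and integrity point in the snips above, here is an added example (not code from the episode or from any rail vendor): a constructed command frame protected only by a CRC, next to the same frame carrying an HMAC-SHA256 tag and a per-sender counter checked by the receiver. The frame layout, unit ID and key are made up for the example, and a symmetric HMAC stands in for the signing the snip mentions.

```python
import hashlib, hmac, struct, zlib

# Constructed frame body (not a real rail protocol): unit_id u32, counter u32, command u8.
BODY = struct.Struct(">IIB")

def legacy_frame(unit_id, counter, command):    # CRC catches noise, needs no secret
    body = BODY.pack(unit_id, counter, command)
    return body + struct.pack(">I", zlib.crc32(body))

def legacy_accepts(frame):
    return zlib.crc32(frame[:-4]) == struct.unpack(">I", frame[-4:])[0]

def mac_frame(key, unit_id, counter, command):  # keyed tag, only a key holder can make it
    body = BODY.pack(unit_id, counter, command)
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    def __init__(self, keys):
        self.keys = keys   # unit_id -> shared key (protecting key storage is out of scope)
        self.last = {}     # unit_id -> highest counter accepted so far

    def accepts(self, frame):
        if len(frame) != BODY.size + 32:        # 32 = HMAC-SHA256 tag length
            return False
        body, tag = frame[:BODY.size], frame[BODY.size:]
        unit_id, counter, _command = BODY.unpack(body)
        key = self.keys.get(unit_id)
        if key is None:
            return False                        # unknown sender
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return False                        # altered body or wrong key
        if counter <= self.last.get(unit_id, -1):
            return False                        # replay of an old, genuinely tagged frame
        self.last[unit_id] = counter
        return True

def demo():
    key = bytes(range(32))                      # constructed sample key
    rx = Receiver({7: key})
    good = mac_frame(key, 7, 1, 0x01)
    altered = good[:8] + b"\x02" + good[9:]     # command byte changed, tag kept
    return {
        "legacy_any_sender": legacy_accepts(legacy_frame(7, 1, 0x02)),
        "authentic": rx.accepts(good),
        "replayed": rx.accepts(good),
        "altered": rx.accepts(altered),
        "wrong_key": rx.accepts(mac_frame(b"\x00" * 32, 7, 2, 0x01)),
        "next_counter": rx.accepts(mac_frame(key, 7, 2, 0x01)),
    }
```

The checksum-only receiver accepts any well-formed frame regardless of who built it, while the keyed receiver accepts only fresh frames from a key holder.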
